Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms CLI Privilege Escalation Vulnerability
A vulnerability in command execution from the command line-interface (CLI) of Cisco Access Point (AP) platforms could allow an authenticated, local attacker to perform privilege escalation to root-level privileges.The vulnerability occurs because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by authenticating to the affected device, crafting user input parameters for certain commands, and executing the command at the CLI. An exploit could allow the attacker to elevate privileges to the root level.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: http://ift.tt/2b1lIAn
A vulnerability in command execution from the command line-interface (CLI) of Cisco Access Point (AP) platforms could allow an authenticated, local attacker to perform privilege escalation to root-level privileges.The vulnerability occurs because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by authenticating to the affected device, crafting user input parameters for certain commands, and executing the command at the CLI. An exploit could allow the attacker to elevate privileges to the root level.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: http://ift.tt/2b1lIAn
Security Impact Rating: Medium
CVE: CVE-2016-6362
from Cisco Security Advisory http://ift.tt/2b1lIAn